diff options
author | Bryan Drewery <bdrewery@FreeBSD.org> | 2021-03-18 20:49:44 +0000 |
---|---|---|
committer | Bryan Drewery <bdrewery@FreeBSD.org> | 2021-03-18 20:49:44 +0000 |
commit | 655d7a8ba0b151a4ad5e9b95a78e09de64998833 (patch) | |
tree | 6957a762b954e4a3ea7b5ab1458fc133ab7f8436 /security/openssh-portable | |
parent | a8b3b779643a3306389bbbce523181864b174595 (diff) | |
download | ports-655d7a8ba0b151a4ad5e9b95a78e09de64998833.tar.gz ports-655d7a8ba0b151a4ad5e9b95a78e09de64998833.zip |
Add limited patch for CVE-2021-28041 from upstream.
Notes
Notes:
svn path=/head/; revision=568761
Diffstat (limited to 'security/openssh-portable')
-rw-r--r-- | security/openssh-portable/Makefile | 2 | ||||
-rw-r--r-- | security/openssh-portable/files/patch-zz-8.4-CVE-2021-28041 | 32 |
2 files changed, 33 insertions, 1 deletions
diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile index eb1a332b0c21..65b590d3e38c 100644 --- a/security/openssh-portable/Makefile +++ b/security/openssh-portable/Makefile @@ -3,7 +3,7 @@ PORTNAME= openssh DISTVERSION= 8.4p1 -PORTREVISION= 3 +PORTREVISION= 4 PORTEPOCH= 1 CATEGORIES= security MASTER_SITES= OPENBSD/OpenSSH/portable diff --git a/security/openssh-portable/files/patch-zz-8.4-CVE-2021-28041 b/security/openssh-portable/files/patch-zz-8.4-CVE-2021-28041 new file mode 100644 index 000000000000..4ac4a7061cb6 --- /dev/null +++ b/security/openssh-portable/files/patch-zz-8.4-CVE-2021-28041 @@ -0,0 +1,32 @@ +untrusted comment: verify with openbsd-68-base.pub +RWQZj25CSG5R2lgsgSLgQjjy3/BFahe7C64NJOej05Naf0mm//TKykuXL7pxOVsY5rnXH0A6vBdO5UNx7PkuTxLOACHx5xV7Gws= + +OpenBSD 6.8 errata 015, March 4, 2021: + +Double free in ssh-agent(1) + +Apply by doing: + signify -Vep /etc/signify/openbsd-68-base.pub -x 015_sshagent.patch.sig \ + -m - | (cd /usr/src && patch -p0) + +And then rebuild and install ssh (as well as ssh-agent) + cd /usr/src/usr.bin/ssh + make obj + make clean + make + make install + +Index: usr.bin/ssh/ssh-agent.c +=================================================================== +RCS file: /cvs/src/usr.bin/ssh/ssh-agent.c,v +diff -u -p -u -r1.264 ssh-agent.c +--- ssh-agent.c 18 Sep 2020 08:16:38 -0000 1.264 ++++ ssh-agent.c 3 Mar 2021 01:08:25 -0000 +@@ -567,6 +567,7 @@ process_add_identity(SocketEntry *e) + goto err; + } + free(ext_name); ++ ext_name = NULL; + break; + default: + error("%s: Unknown constraint %d", __func__, ctype); |